All three state elections officials on a panel before the Senate Rules Committee Wednesday told lawmakers that they would gladly accept more financial assistance from the federal government for election security.
The Election Assistance Commission (EAC) continues to dole out grants for states as part of a $380 million fund Congress appropriated in March under the Help America Vote Act (HAVA). But the officials who run the country’s elections have some differences about the role federal lawmakers and agencies should play, with some worrying about overreach into a process run by the states.
There was no disagreement at the hearing, however, that additional money would be welcomed.
“While our upgrades to equipment and cybersecurity will be an ongoing challenge for many states, the federal funding received will regrettably be insufficient to do all that we want or need,” said Jim Condos, Vermont’s secretary of state. “However, we are very grateful for the boost that these federal funds provide us at this time.”
Steve Simon, Minnesota’s secretary of state, also said that his state plans to use all of the $6.6 million afforded to it in the bill, but that it needs more to support ongoing efforts.
“I would respectfully request that those in Congress consider some ongoing way to provide some resources for us along those same lines. And while we don’t want to look a gift horse in the mouth and we are very grateful and I know I am, this is expensive,” Simon said.
“If you send it, we will use it,” said Jay Ashcroft, Missouri’s secretary of state.
But Ashcroft also faulted the federal government for not adequately coordinating with election officials, saying that it has often provided incomplete information.
In January 2017, the Department of Homeland Security designated election systems as critical infrastructure, marking the beginning of the agency’s efforts to engage with state and local officials on defending elections from cyberthreats. But states at the time criticized DHS for being unclear about the designation and potential federal overreach.
At a separate Senate hearing Wednesday, Intelligence Committee Chair Richard Burr, R-N.C., said that the designation’s timing led to confusion as officials at all levels of government were still learning about the extent of interference in the months before the 2016 election.
“In hindsight, it was the worst thing we could have said to state officials because … they took it as the federal government was going to takeover the election process. We’ve tried to point some of these things out and we’ll need to be more sensitive in the future,” Burr said.
Additional funding could go toward hiring IT staff, implementing new cybersecurity measures and running post-election audits, the officials at the Rules Committee hearing said.
Condos said that Vermont plans to use its share of the current funding — $3 million, the smallest possible amount — to implement two-factor authentication for all local clerks’ election staff, conduct penetration testing on the state’s election management system, and follow all general elections with audits.
“What we really need is ongoing maintenance. Cybersecurity is an evolving science and an evolving practice. We have continuous needs moving forward,” Condos said.
Simon said that his office plans to put $1.5 million of its share toward revamping the statewide voter registration system. Registration systems have been a potential target of cyberattacks, as they were leading up to the 2016 election.
According to the EAC, 36 states have put in their requests for the HAVA funding. Condos, who is also the incoming president of the National Association of Secretaries of State, explained that some states have to jump through legislative hoops in order to request the money, as what happened with Florida, while others are still formulating a plan for what to do with it.
Asked by committee chair Sen. Roy Blunt, R-Mo., whether additional funding should come with a requirement that states run post-election audits, the election officials gave differing responses.
Condos and Simon agreed that ensuring audits would be beneficial, while Ashcroft argued that such a requirement would be redundant.
“I believe states are moving to do that without federal legislation. So that’s why I don’t think federal action needs to be done on that,” Ashcroft said.
Such a requirement is included in the Secure Elections Act, which Sens. James Lankford, R-Okla., and Amy Klobuchar, D-Minn., fought but failed to include as an amendment in a 2019 defense policy bill currently being hashed out by Congress. Certain states have taken their own steps toward making sure their election results can be audited.